<?php
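session_start();
include_once 'functions/function.php';
include_once 'functions/privateForumUsers.class.php';

// Database handle used by every query on this page.
// Db() is presumably defined in one of the includes above - confirm.
$Db = Db();


// Authentication gate: only requests carrying a logged-in session may go further.
if (!isset($_SESSION['id'])) {

    // The session was already started on the first line of the script, so it
    // is only cleared and destroyed here, not started a second time.
    session_unset();
    session_destroy();

    header('Location: index.php');

    // header() only queues the redirect. Without terminating here the rest of
    // the script, including the add/remove handlers and the member listing,
    // would still execute for an unauthenticated request.
    exit;
}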


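// Handle the "Add Users" submit: resolve the e-mail to a user, check the
// membership table, add the user to the forum and redirect on success.
//
// NOTE(review): nothing in this handler verifies that the logged-in user owns
// the forum named in the query string; the "you are the owner" message below
// assumes it. As written, any authenticated user could change the membership of
// any forum whose title they know. An ownership check against the forum row is
// needed (the owner column is not visible in this file).
// NOTE(review): the form carries no anti-CSRF token, so this state-changing POST
// can be triggered cross-site from a logged-in browser.
if (isset($_POST['add'])) {

    // Status marker: "true" means the add may proceed; any other value is the
    // message shown to the user.
    $pass = "false";

    $userID = 0;
    $fid = null;

    // Request values are untrusted; accept plain strings only.
    $forumTitle = (isset($_GET['forumTitle']) && is_string($_GET['forumTitle'])) ? $_GET['forumTitle'] : '';

    if (isset($_POST['value'])) {

        $email = is_string($_POST['value']) ? $_POST['value'] : '';

        if ($email === '') {
            $pass = "Please enter an email address";
        } else {
            // Bound parameters keep request data out of the SQL text.
            // assumes Db() returns a PDO handle (the query()->fetch() calls it
            // replaces match the PDO API) - confirm before merging.
            $queryUser = $Db->prepare('SELECT * FROM user WHERE email = ?');
            $queryUser->execute(array($email));
            $result = $queryUser->fetch();

            if (!$result) {
                $pass = "Invalid Email. The user with this email has not been registered";
            } elseif ((string) $result['id'] === (string) $_SESSION['id']) {
                $pass = "Sorry, you are the owner of the group and therefore already a member";
            } else {
                $queryGroup = $Db->prepare('SELECT * FROM forum WHERE forumTitle = ?');
                $queryGroup->execute(array($forumTitle));
                $result2 = $queryGroup->fetch();

                if (!$result2) {
                    // Previously an unknown title produced an empty group id
                    // and a malformed membership query.
                    $pass = "The requested forum does not exist";
                } else {
                    $queryUserInGroup = $Db->prepare('SELECT * FROM private WHERE groupID = ? AND userID = ?');
                    $queryUserInGroup->execute(array($result2['fid'], $result['id']));

                    if ($queryUserInGroup->fetch()) {
                        $pass = "This user already belongs in the group";
                    } else {
                        $pass = "true";
                        $userID = $result['id'];
                        $fid = $result2['fid'];
                    }
                }
            }
        }
    }

    if ($pass === "true") {

        $addition = new privateForumUsers($fid, $userID);
        $addition->add();

        // The title is request data: percent-encode it before placing it in the URL.
        header('Location: privateForumUsers.php?display=' . rawurlencode($pass) . '&forumTitle=' . rawurlencode($forumTitle));

        // Stop here so the page body is not rendered behind the redirect.
        exit;
    } else {
        // Shown in the error paragraph of the page below.
        $display = $pass;
    }
}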


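// Handle the "Remove Users" submit: resolve the e-mail to a user, confirm the
// user is in the membership table, delete the membership and redirect on success.
//
// NOTE(review): nothing in this handler verifies that the logged-in user owns
// the forum named in the query string; the "you are the owner" message below
// assumes it. As written, any authenticated user could change the membership of
// any forum whose title they know. An ownership check against the forum row is
// needed (the owner column is not visible in this file).
// NOTE(review): the form carries no anti-CSRF token, so this state-changing POST
// can be triggered cross-site from a logged-in browser.
if (isset($_POST['remove'])) {

    // Status marker: "true" means the removal may proceed; any other value is
    // the message shown to the user.
    $pass = "false";

    $userID = 0;
    $fid = null;

    // Request values are untrusted; accept plain strings only.
    $forumTitle = (isset($_GET['forumTitle']) && is_string($_GET['forumTitle'])) ? $_GET['forumTitle'] : '';

    if (isset($_POST['value'])) {

        $email = is_string($_POST['value']) ? $_POST['value'] : '';

        if ($email === '') {
            $pass = "Please enter an email address";
        } else {
            // Bound parameters keep request data out of the SQL text.
            // assumes Db() returns a PDO handle (the query()->fetch() calls it
            // replaces match the PDO API) - confirm before merging.
            $queryUser = $Db->prepare('SELECT * FROM user WHERE email = ?');
            $queryUser->execute(array($email));
            $result = $queryUser->fetch();

            if (!$result) {
                $pass = "Invalid Email Address entered";
            } elseif ((string) $result['id'] === (string) $_SESSION['id']) {
                $pass = "Sorry, you are the owner of the group and therefore cannot remove yourself";
            } else {
                $queryGroup = $Db->prepare('SELECT * FROM forum WHERE forumTitle = ?');
                $queryGroup->execute(array($forumTitle));
                $result2 = $queryGroup->fetch();

                if (!$result2) {
                    // Previously an unknown title produced an empty group id
                    // and a malformed membership query.
                    $pass = "The requested forum does not exist";
                } else {
                    $queryUserInGroup = $Db->prepare('SELECT * FROM private WHERE groupID = ? AND userID = ?');
                    $queryUserInGroup->execute(array($result2['fid'], $result['id']));

                    if ($queryUserInGroup->fetch()) {
                        $pass = "true";
                        $userID = $result['id'];
                        $fid = $result2['fid'];
                    } else {
                        $pass = "This user does not belong to this group";
                    }
                }
            }
        }
    }

    if ($pass === "true") {

        $removing = new privateForumUsers($fid, $userID);
        $removing->delete();

        // The title is request data: percent-encode it before placing it in the URL.
        header('Location: privateForumUsers.php?display=' . rawurlencode($pass) . '&forumTitle=' . rawurlencode($forumTitle));

        // Stop here so the page body is not rendered behind the redirect.
        exit;
    } else {
        // Shown in the error paragraph of the page below.
        $display = $pass;
    }
}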




?>

 



<!DOCTYPE html>
<html>
    <head>
		<link rel="stylesheet" href="css/privateForumUsers.css">
	</head >
	
	
	<body style="background: url(images/background.jpg);">
	
	
		<div id="wrapper">
		
			<div id="head">
		
					<table id="myTable" border=0>
						<tr>
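							<?php // The username is account data rendered into HTML, so it is entity-encoded; the stray closing anchor tag was dropped. ?>
							<td class="leftCell" ><span>Hello!! <span class="newAccount"><?php echo htmlspecialchars(isset($_SESSION['username']) ? (string) $_SESSION['username'] : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></span></span></td>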
							<td class="middleCell" ><a class="newAccount" href="home.php">Home</a></td>
							<td class="rightCell" ><span><a class="newAccount" href="logOut.php">Sign out</a></span></td>
						</tr>
					</table>
		
            </div>
	
		<div id="container">
		
		
			<div id="optionSection">
			
                            <p class="newForum"><a class="noDecoration3" href="newForum.php">Create a New Forum</a></p>
			
			</div>
		
			
			
			<div id="myTable2">
			
				<div id="postSection">
				
                                    
                                    
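                                    <?php // forumTitle comes straight from the query string; encode it for the HTML context so it cannot inject markup (reflected XSS). ?>
                                    <h2 class="noDecoration" align="center"><?php echo htmlspecialchars((isset($_GET['forumTitle']) && is_string($_GET['forumTitle'])) ? $_GET['forumTitle'] : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></h2>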
                                    <hr/>
                                    
                                    
                                    
                                    
                                    <table class="privateUsers" align="center">
                                        
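                                        <?php // Attribute context: ENT_QUOTES encodes both quote characters so the request value cannot close the value="" attribute. ?>
                                        <tr><input  type="hidden" name="forumTitle" value="<?php echo htmlspecialchars((isset($_GET['forumTitle']) && is_string($_GET['forumTitle'])) ? $_GET['forumTitle'] : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"/></tr>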
                                    <tr><td class="listOfMembers" colspan="5">Current Users(Owner not Listed)</td></tr>
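                                        <?php
                                            // List the forum's members, five cells per table row.
                                            // NOTE(review): there is no check here that the viewer owns or belongs to
                                            // this forum; member names and e-mail addresses are rendered for any
                                            // logged-in user who supplies the title. Confirm that is intended.

                                            // Untrusted request value: accept a plain string only.
                                            $title = (isset($_GET['forumTitle']) && is_string($_GET['forumTitle'])) ? $_GET['forumTitle'] : '';

                                            // Bound parameters keep the title out of the SQL text.
                                            // assumes $Db is a PDO handle (the query()->fetch() calls this replaces
                                            // match the PDO API) - confirm before merging.
                                            $queryForum = $Db->prepare('SELECT * FROM forum WHERE forumTitle = ?');
                                            $queryForum->execute(array($title));
                                            $result = $queryForum->fetch();

                                            $memberCount = 0;
                                            $i = 0;

                                            if ($result) {
                                                $groupId = $result['fid'];

                                                $queryMembers = $Db->prepare('SELECT * FROM private WHERE groupID = ?');
                                                $queryMembers->execute(array($groupId));

                                                // Read all membership rows first so the per-user lookups below
                                                // do not run while this result set is still open.
                                                $members = $queryMembers->fetchAll();

                                                // Prepared once, executed per member.
                                                $query = $Db->prepare('SELECT * FROM user WHERE id = ?');

                                                foreach ($members as $resultsMembers) {
                                                    $query->execute(array($resultsMembers['userID']));
                                                    $response = $query->fetch();

                                                    if (!$response) {
                                                        // Membership row without a matching user: nothing to render.
                                                        continue;
                                                    }

                                                    $memberCount = $memberCount + 1;

                                                    // Profile fields are user-supplied data; encode them for HTML.
                                                    $memberName = htmlspecialchars($response['lastName'] . ' ' . $response['firstName'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                                                    $memberEmail = htmlspecialchars((string) $response['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

                                                    if ($i == 0) {
                                                        ?>
                                                 <tr>
                                                        <?php
                                                    }
                                                    ?>
                                                     <td class="fixedCells"><span class="notice2">Name : <?php echo $memberName; ?></span><br/>
                                                         <span class="notice2">Email : <?php echo $memberEmail; ?></span>
                                                   </td>
                                                    <?php
                                                    $i = $i + 1;

                                                    if ($i == 5) {
                                                        ?>
                                                 </tr>
                                                        <?php
                                                        $i = 0;
                                                    }
                                                }

                                                if ($i != 0) {
                                                    // Close a final row that holds fewer than five cells.
                                                    ?>
                                                 </tr>
                                                    <?php
                                                }

                                                if ($memberCount == 0) {
                                                    ?>

                                                 <tr><td class="notice"> As the owner, you are the only member of this group</td></tr>

                                                    <?php
                                                }
                                            } else {
                                                // Unknown title: previously this ran a membership query with an empty group id.
                                                ?>
                                                 <tr><td class="notice">The requested forum does not exist</td></tr>
                                                <?php
                                            }
                                        ?>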
                                  
                                    </table>
                                        
                            
                                     <hr/>
                                    
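                                    <?php // The title is request data placed in a URL inside an attribute: percent-encode it for the query string, then entity-encode it for the attribute. ?>
                                    <form id="privateForm" action="privateForumUsers.php?forumTitle=<?php echo htmlspecialchars(rawurlencode((isset($_GET['forumTitle']) && is_string($_GET['forumTitle'])) ? $_GET['forumTitle'] : ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" method="post">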
                                        
                                        <p>
                                            
                                            <input type="text" name="value" placeholder="email address"/>
                                        </p>
                                    <table class="privateUsers" align="center">
                                        
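                                        <?php // Attribute context: ENT_QUOTES encodes both quote characters so the request value cannot close the value="" attribute. ?>
                                        <tr><input  type="hidden" name="forumTitle" value="<?php echo htmlspecialchars((isset($_GET['forumTitle']) && is_string($_GET['forumTitle'])) ? $_GET['forumTitle'] : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"/></tr>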
                                       
                                       
                                        <?php
                                        
                                       
                                        ?>
                                  
                                    </table>
                                        
                                        <hr/>
                                        <table align="center">
                                        
                                        <tr>
                                            
                                            <td><input id="submit" type="submit" value="Add Users" name="add"/></td>
                                            <td><input id="submit" type="submit" value="Remove Users" name="remove"/></td>
                                        
                                        </tr>
                                    </table>
                                    
                                    </form>
                                    
                                    
                              <br/>
                              <br/>
                              <br/>
                                        <p id="error">
                                               
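                                                 <?php

                                                // Status message set by the add/remove handlers, if any.
                                                // It is encoded on output so that a message which later
                                                // includes request or database data cannot inject markup.
                                                if (isset($display)) {

                                                    echo htmlspecialchars((string) $display, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                                                }

                                                ?>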
                                            
                                                
                                            </p>
					
				</div>
				
			</div>
	
			
	
		</div>
		
		</div>
		
		
	
	</body>
</html>
          
